Meltdown And Spectre Proof Of Concept Malware Code Hits The Internet

It's been roughly a month since the first reports concerning Spectre and Meltdown began appearing on the web. Since that time, hardware and software companies have been working together to release BIOS/microcode updates, software patches, and operating system kernel updates to protect customers. Even though the industry has been pushing out fixes at a rapid rate, malicious actors looking to take advantage of the exploits have also been working overtime.

According to AV-TEST, an independent organization that specializes in software that detects malware, has found 139 specific instances of malware software that is designed to exploit Meltdown and Spectre chip vulnerabilities. AV-TEST goes on to indicate that 1) the sample binaries have been complied for Windows, Linux and macOS, and 2) the numbers of citing has risen dramatically over the past month.

In addition, FortiGuard Labs says that it has "analyzed all of the publicly available samples, representing about 83 percent of all the samples that have been collected, and determined that they were all based on proof of concept code. The other 17 percent may have not been shared publicly because they were either under NDA or were unavailable for reasons unknown to us."

FortiGuard goes on to warn that there are "key challenges" to addressing Spectre and Meltdown exploits because "affected chips are already embedded in millions of devices running in home or production environments" and that "developing a patch that resolves their exposed side-channel issues is extremely complicated."

As we've seen by the problems with bricked AMD systems and Intel systems that have been stricken with unexpected reboots, that last statement is most definitely accurate. For now, all PC users are urged to remain up-to-date with regards to OS updates, virus/malware definitions and BIOS updates. Following these practices is your best defense against what appears to be a brewing Meltdown-Spectre malware showdown.